Posted
by
timothyon Sunday December 15, 2013 @03:51PM
from the no-peeking-now dept.

cagraham writes "In a seemingly minor update, Google announced that all Gmail images will now be cached on their own servers, before being displayed to users. This means that users won't have to click to download images in every email now — they'll just automatically be shown. For marketers, however, the change has serious implications. Because each user won't download the images from a third-party server, marketers won't be able to see open-rates, log IP addresses, or gather information on user location and browser type. Google says the changes are intended to enhance user privacy and security."

Well, pulling all the images certainly solves the problem of having to display emails with images. The only reason we (I) don't click the display-images button is because the images allow us to be tracked, the images may have some sort of exploit (rare). Originally this used to be due to limited download speeds.

I suspect caching the images allow pre-processing of the images and therefore making the whole system more secure by default. Images could therefore be displayed in full by default with images, preferably with some large images being intelligently excluded by default.

Google could release a mass marketing email API/gateway and monetise that allowing marketeers access to data regardless of whether you open the images/email or not. This is slightly more valuable information.

Actually, this is rather awesome for spam/tracking of "real" addresses.Before silly users could refuse to load external tracking pixels with unique IDs, assigned to each email.And now? It's auto-downloaded for everyone. Yay!

There is no pretense by Google any longer. They are basically in full-out "as evil as possible" mode now. Pretty much everything they've done for a long time has zero benefit for the end user. Today it is removing the ability for end users to block third party images. Yesterday it was removing the ability of end users to control privacy settings for Android apps. Day after day, Google does something that is good for them and bad for end users. They are an evil that never sleeps, a cold machine intelligence that has but one law -- "Embrace, Extend, Extinguish".

The article does not state of all images would be cached automatically even if you have not read your mail. It only says that images would be served through a Google proxy server, which caches the images.

So if Google proxies and caches the images when you open the mail, there is no protection added from marketers, except for the fact that Google can scan the images for exploits.

And if Google proxies and caches the images as soon as the service receives the mail, marketers can verify if the address is a valid gmail address or not by just sending mails and waiting for Google to cache the image. Expect more spam if this is the case.

There will be true protection from email tracking only if Google caches the images in all emails it receives, even if the email address is invalid - and that would increase the load on Google servers quite a bit.

And if Google proxies and caches the images as soon as the service receives the mail, marketers can verify if the address is a valid gmail address or not by just sending mails and waiting for Google to cache the image. Expect more spam if this is the case.

Verifying that foobar@gmail.com is a valid address doesn't give spammers any real information: the namespace is so full even most pwgen outputs point to existing names, as long as you don't have embedded numbers (on gmail, addresses seem to have numbers at the end).

Thus, that check can be quite simplified to "does a Markov chain say this string of letters is pronounceable?". Not a big benefit to a spammer. On the other hand, they don't get told anything about the recipient anymore.

While for a small mail provider this change might leak some info, for Gmail it seems to be nearly entirely positive.

I for one don't use Gmail for privacy reasons, and don't fetch remote images, but good luck training aunt Lucy about that.

To enhance user privacy and security, don't use services from this huge ad broker which has a small army of lobbyists working Washington to prevent laws that would harness our privacy, and which works with the NSA to rape our liberty and privacy. If you use gmail, you should have no expectations of privacy or security whatsoever. That would be insane. It is everything their prime directive is not - i.e. make money of your privacy.

Marketeers already know the address exists the moment they get a 200 on the RCPT TO: header. Spammers, using botnets, generally don't care about the maildelivery itself, for these the autodownload of images is extra information.

Spammers do everything in their power not to get bounce messages. They do everything they can to not personally contact your (google's) mail server.

The fact that uniquely encoded image URLs are embedded in virtually ALL spam and UCE should be proof enough for you that you haven't thought your argument through. Go look at your email raw view someday.

How would you feel about your customers sending tracking images to you with orders/complaints/queries? Just to "fine-tune" whether they deal with you again? I imagine it could be statistically enlightening to see how quickly you open emails, how often, and how long the response takes. Not so keen?

I appreciate your efforts to ensure that your emails lists are on target and not spammy, many companies are not so diligent. (Particularly with confirmed opt-ins.) But you have no automatic right to collate any further information about your customers unless they intentionally provide it. Tracking images are sneaky and most certainly not used by your customers intentionally. There is a reasonable expectation of privacy when reading your own email on your own computer.

You're right about two things though. The days are long gone when spammers cared about whether an address was valid or not. They are not incurring any costs spamming to invalid addresses. All they care about is how many suckers they hook with a response. And yes, the cached image hits are yet more information being sucked up by google, that will inevitably be sold in some way in the future.

Yep and in fact despite what I said earlier, this could be worse. If google pre-fetch every image for instance, then this could have some horrid consequences. Such as confirming e-mail addresses.

Jason

You all seem to assume you are the first people to realise this, ten to one says some Google engineer also realised this and so is just going to get the software to do a hit on the sending or linked server for every image, even if the email address it was sent to does not exist. Then, they can use the content of that image as an additional way to help identify unsolicited email.